Emotet is not new, not by any means. It is the blanket name for the waves of phoney emails that come in many guises and just beg to be opened. It got so ubiquitous that it became the story that comedians grabbed onto and it made us laugh.
And, of course, Facebook was filled with stories of the Nigerian Ambassador’s wife who has been trying to give away billions for many years but no-one replied to her emails.
Emotet, though, is not funny.
Not only does it try and steal your information, by tempting you to part with bank details (to deposit the billions into) but it can also carry malware that can damage and disable computer systems.
The reason that Emotet is in the news, rather than just an on-going threat that we all live with is that it went quiet. It disappeared as a threat back in February and Sophos, who monitors these things, wondered whether the architects had been arrested or killed or had caught COVID-19. Then it reappeared on the 17th July and already our inboxes are full of strange emails from the Nigerian Ambassador’s wife or – even stranger – ourselves.
The real reason is probably that the architects of Emotet know that if they keep up a continuous attack, people will become hardened and suspicious and its effectiveness will drop significantly.
The other issue is that Emotet, by itself, is one thing and will probably only catch out the computer users who are elderly or not computer people. But, as we have reported, hacking is surging as the coronavirus feeds the panic that makes these attacks more effective.
The question is who is responsible for the defence against these dark arts. Is it the ISP or the network provider or your organisation’s IT department – or you.
The answer lies in some partnership between all of these entities and the key will be the education that will tie them together and push security up the list of your daily priorites.
Meanwhile, if you deleted Emotet from your list of things to watch out for, put it back on.